Multiple login pages are changing the username in session tracking in RSA Web Threat Detection and Silver Tail
RSA Product Set: Web Threat Detection RSA Product/Service Type: Forensics RSA Version/Condition: All Platform: Linux O/S Version: RHEL/CentOS 5.x/6.x
While a session is being tracked successfully, an authenticated user hits a second configured login page. The new page username will overwrite the previous username.
This is normal configured behavior. Every time a login page is hit, the username will be saved into the configuration. This will overwrite any previous information that was already being used to for user session tracking.
The Request for Feature Enhancement (RFE) WTD-4846 has been created to address this issue. It will be reviewed by the Product Management team, who will determine if this behavior can be changed.
As a workaround for the issue, you may disable the second login page or redesign the website design to not have a user go to a second configured login page.